Authentication for secure identities and services

Thanks to a perfect storm of contributing factors, identity fraud, and data theft is on the rise. The inherent vulnerability of IT systems, complexities in password-based systems, and newly-introduced compliance and security regulations are all having an impact. As a result, customers are looking for identity and access management solutions that deliver simplicity, automation, and choice, but in a way that is safe and – most of all – secure.

At G+D Mobile Security, we help organizations secure communications, protect data, and meet the IT challenges of cloud, mobility, and escalating threats. Our authentication management platforms offer a flexible, simplified service. Because of our innovative industry solutions, we have built up a reputation for providing versatile tools that help financial institutions, governments, organizations, and enterprises comply with regulatory standards that cover authorization rules.

Not only do our solutions eliminate vulnerable usernames and passwords as the means of protecting data, networks, and facilities, they also create, issue, and manage secure digital identities assigned to physical smart cards, tokens, and/or virtual smart cards linked to a computer or mobile device. Use one of our cost-effective, easily deployable and scalable solutions to manage the lifecycle of the trusted digital identity.

The advantages of multi-factor authentication

In the face of increasingly adaptive and creative data and identity thieves, the industry trend is now moving towards what we term “multi-factor authentication” (MFA) It adds a second or even third factor to the pre-existing tokens, for example characteristic physical traits of the user, like a thumb or fingerprint. Put simply, MFA ensures that a user is who they claim to be, as the more factors used to determine a person’s identity, the greater the trust of authenticity. MFA can be achieved using a combination of the following factors:

Something you are, e.g. biometrics, such as a fingerprint (two- or three-factor authentication)

Because multi-factor authentication security requires multiple means of identification at login, it is widely recognized as the most secure method for authenticating access to data and applications. In addition, it secures data and communications.

At G+D, we provide reliable, highly scalable security solutions, to end-users but also organizations and enterprises or service providers alike. The necessary level of security is ensured at all times, without a negative impact on use – whether regarding data at rest, in transit, or in use. G+D offers robust authentication solutions to enable organizations to secure their offers consistently – including identity management and access control. This allows companies and service providers to concentrate on their own core business, without having to keep one eye on security all the time.

Strong authentication devices

StarSign PKI Cards and StarSign Crypto USB Tokens can be easily integrated and used in many client platforms to perform online authentications. The smart card chip in both products assures the highest level of security and can also be used for digital signatures.

Ideal for the end-user market

All products can be used in end-user markets, such as banking, online gaming, online gambling, and the enterprise market for secure log-in, digital signature, document and email encryption, secure banking, and much more.

A wide range of uses

Potential uses include securing access to enterprise applications and VPN connections. The authentication token can also be used to authenticate users and sign transactions. This is especially useful for online banking and mobile banking security, for identity and access management solutions, as well as for eGovernment applications (eTax filing, for example). It is also widely used to secure online or mobile applications.

Plug-and-play solutions

All products can be used on any platform that supports smart cards (such as Windows XP, Windows Vista, Windows 7, Mac OS, and Linux Redhat and Ubuntu), and no additional drivers need to be installed. Both products are also offered with the modern JavaCard-based Smart Card Operating System “Sm@rtCafé Expert 7.0,” which supports a wide range of crypto features such as AES, RSA, elliptic curves, and SHA 512.

Personalization

As with any smart cards, card personalization and individualization services are available with all of our products. We can provide optical personalization such as card or token body printing, and electronic personalization such as pre-installation and configuration of PKI applications.

G+D's authentication range

Introducing StarSign PKI Cards and StarSign Crypto

Our StarSign product line is a high-security and innovative set of solutions that has been tried and tested around the world. Comprising smartcards, tokens, middleware, authentication software, mobile solutions, and card operating software (as well as a broad spectrum of additional services) it is the gold standard in authentication tokens.

Smart cards

Contact-only or contactless

StarSign PKI Cards are available in different versions as contact-only, contactless, and dual-interface (DI). The contact-only version is well suited for PKI-only uses like digital signatures, email encryption, and remote secure connection, while the contactless version is better for physical access functions such as time and attendance recording and access control. A DI card combines both.

These cards can be upgraded for even greater protection. The StarSign FIPS 201 Card complies with rigorous US government personal identification and verification requirements for facilities and information systems (PIV).

Tokens

No additional drivers

Our StarSign Crypto USB Tokens do not require a smart-card reader or any additional drivers and supports all state-of-the-art host operating systems. The Crypto module can come in a plastic housing, a metal housing, or no housing at all, allowing for integrations into third-party devices. It was awarded the FIPS 140-2 Level 3 certification by the USA’s National Institute of Standards and Technology.

Secure interface software

Compatible with middleware solutions

Both, smart cards and tokens, can be integrated with middleware solutions. Middleware is the basis for interactions between smartcards or USB tokens on one hand and IT security applications on the other. G+D provides an all-rounder for strong authentication, integration, and compatibility. It implements the standard PKCS#11 interface for most common computer OS, and Microsoft’s CryptoAPI (CSP) for Windows platforms. It combines compliance with the latest and leading industry standards, and protocols, along with high flexibility to reduce costs of deployments. A middleware makes any PKCS #11 and/or CSP compliant application benefit from features of smart cards and USB tokens on any of the supported platforms.

Case study

ELSTER

ELSTER is an eGoverment portal that allows companies, tax consultants, and private taxpayers to submit their tax returns and tax declarations to the German tax authorities electronically. Since it was introduced in 2006, ELSTER has grown to be the biggest eGovernment portal in Germany with over 20 million income tax declarations being submitted via the system in 2015 alone.

Working in close cooperation with the Bavarian State Office for Taxes, the G+D subsidiary secunet Security Networks AG supported the design and development of the ELSTER security process and now constantly monitors and updates the security mechanisms. The “Sicherheitsstick for ELSTER” is G+D’s StarSign Crypto USB Token, which provides the required high level of security and can be purchased online quickly and conveniently at www.sicherheitsstick.de.

Giesecke & Devrient Mobile Security Southern Africa Pty. Ltd.

By submitting this contact form, I consent to my data being processed to respond to my enquiry - as stated in the <a href="en/za/data-privacy/" class="ce--link" title="G+D privacy policy" target="_blank">G+D privacy policy</a>.TitleMr.Ms.

Related Topics

Manage access to critical systems efficiently and cost-effectively from a single platform. From two-factor authentication to securing multiple access points for securely managed digital identities of people, devices, machines, and applications.